login/change_password_form.php

   1 <?php
   2
   3 require_once $CFG->libdir.'/formslib.php';
   4
   5 class login_change_password_form extends moodleform {
   6
   7     function definition() {
   8         global $USER, $CFG;
   9
  10         $mform =& $this->_form;
  11
  12         $mform->addElement('header', '', get_string('changepassword'), '');
  13
  14         // visible elements
  15         $mform->addElement('static', 'username', get_string('username'), $USER->username);
  16
  17         if (!empty($CFG->passwordpolicy)){
  18             $mform->addElement('static', 'passwordpolicyinfo', '', print_password_policy());
  19         }
  20         $mform->addElement('password', 'password', get_string('oldpassword'));
  21         $mform->addRule('password', get_string('required'), 'required', null, 'client');
  22         $mform->setType('password', PARAM_RAW);
  23
  24         $mform->addElement('password', 'newpassword1', get_string('newpassword'));
  25         $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
  26         $mform->setType('newpassword1', PARAM_RAW);
  27
  28         $mform->addElement('password', 'newpassword2', get_string('newpassword').' ('.get_String('again').')');
  29         $mform->addRule('newpassword2', get_string('required'), 'required', null, 'client');
  30         $mform->setType('newpassword2', PARAM_RAW);
  31
  32
  33         // hidden optional params
  34         $mform->addElement('hidden', 'id', 0);
  35         $mform->setType('id', PARAM_INT);
  36
  37         // buttons
  38         if (get_user_preferences('auth_forcepasswordchange')) {
  39             $this->add_action_buttons(false);
  40         } else {
  41             $this->add_action_buttons(true);
  42         }
  43     }
  44
  45 /// perform extra password change validation
  46     function validation($data, $files) {
  47         global $USER;
  48         $errors = parent::validation($data, $files);
  49
  50         update_login_count();
  51
  52         // ignore submitted username
  53         if (!$user = authenticate_user_login($USER->username, $data['password'])) {
  54             $errors['password'] = get_string('invalidlogin');
  55             return $errors;
  56         }
  57
  58         reset_login_count();
  59
  60         if ($data['newpassword1'] <> $data['newpassword2']) {
  61             $errors['newpassword1'] = get_string('passwordsdiffer');
  62             $errors['newpassword2'] = get_string('passwordsdiffer');
  63             return $errors;
  64         }
  65
  66         if ($data['password'] == $data['newpassword1']){
  67             $errors['newpassword1'] = get_string('mustchangepassword');
  68             $errors['newpassword2'] = get_string('mustchangepassword');
  69             return $errors;
  70         }
  71
  72         $errmsg = '';//prevents eclipse warnings
  73         if (!check_password_policy($data['newpassword1'], $errmsg)) {
  74             $errors['newpassword1'] = $errmsg;
  75             $errors['newpassword2'] = $errmsg;
  76             return $errors;
  77         }
  78
  79         return $errors;
  80     }
  81 }